Compare your login and ssh pam configs (ssh works, login doesn't). They'll be under /etc/pam.d/.
- chris
Chris Jacobs, Systems Administrator
Apollo Group | Apollo Marketing | Aptimus
2001 6th Ave Ste 3200 | Seattle, WA 98121
phone: 206.441.9100 x1245 | mobile: 206.601.3256 | fax: 206.441.9661
email: chris.jacobs@apollogrp.edu
From: openldap-technical-bounces+chris.jacobs=apollogrp.edu@OpenLDAP.org
To: openldap-technical@openldap.org
Sent: Wed Jun 16 14:26:19 2010
Subject: I can't login linux (console) using after configurate openldap
HI,
I have started openldap more Samba but I can't do logon via console on my linux, only access my system using ssh or telnet . When I am on console I put login and password and press "enter" , again show me screen login linux . If change /etc/nsswitch.conf fields
passwd , shadow , group for files only, the login work normally , Thre is problem between openldap and pam ?
I paste my /etc/nsswitch.conf
passwd: files ldap
shadow: files ldap
group: files ldap
#hosts: db files nisplus nis dns
hosts: files dns wins
and /etc/pam.d/login
n#%PAM-1.0
auth required pam_securetty.so
auth required pam_nologin.so
auth sufficient pam_ldap.so
auth required pam_unix2.so nullok try_first_pass #set_secrpc
account sufficient pam_ldap.so
account required pam_unix2.so
password required pam_pwcheck.so nullok
password required pam_ldap.so use_first_pass use_authtok
password required pam_unix2.so nullok use_first_pass use_authtok
session required pam_unix2.so none # debug or trace
session required pam_limits.so
session required pam_env.so
session optional pam_mail.so
#auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so
#auth include system-auth
#account required pam_nologin.so
#account include system-auth
#password include system-auth
# pam_selinux.so close should be the first session rule
#session required pam_selinux.so close
#session include system-auth
#session required pam_loginuid.so
#session optional pam_console.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
#session required pam_selinux.so open
#session optional pam_keyinit.so force revoke
Thanks.
--
Bruno Steven - Administrador de sistemas.
LPIC-1 - LPI ID: lpi000119659 / Code: p2e4wz47e4
https://www.lpi.org/caf/Xamman/certification
MCP-Windows 2003 - TranscriptID: 793804 / Access Code: 080089100
https://mcp.microsoft.com/authenticate/validatemcp.aspx
P Antes de imprimir pense em sua responsabilidade e comprometimento com o Meio Ambiente. Before printing this message, think about your ecologic responsability and environment commitment.
This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system.